<?php
class UsersController extends AppController {

	var $name = 'Users';
	var $helpers = array('Html', 'Form');

	function index() {
		$this->User->recursive = 0;
		$this->set('users', $this->paginate());
	}

	function view($id = null) {
		if (!$id) {
			$this->Session->setFlash(__('Invalid User.', true));
			$this->redirect(array('action'=>'index'));
		}
		$this->set('user', $this->User->read(null, $id));
	}

	function add() {
		if (!empty($this->data)) {
			$this->User->create();
			if ($this->User->save($this->data)) {
				$this->Session->setFlash(__('The User has been saved', true));
				$this->redirect(array('action'=>'index'));
			} else {
				$this->Session->setFlash(__('The User could not be saved. Please, try again.', true));
			}
		}
	}

	function edit($id = null) {
		if (!$id && empty($this->data)) {
			$this->Session->setFlash(__('Invalid User', true));
			$this->redirect(array('action'=>'index'));
		}
		if (!empty($this->data)) {
			if ($this->User->save($this->data)) {
				$this->Session->setFlash(__('The User has been saved', true));
				$this->redirect(array('action'=>'index'));
			} else {
				$this->Session->setFlash(__('The User could not be saved. Please, try again.', true));
			}
		}
		if (empty($this->data)) {
			$this->data = $this->User->read(null, $id);
		}
	}

	function delete($id = null) {
		if (!$id) {
			$this->Session->setFlash(__('Invalid id for User', true));
			$this->redirect(array('action'=>'index'));
		}
		if ($this->User->del($id)) {
			$this->Session->setFlash(__('User deleted', true));
			$this->redirect(array('action'=>'index'));
		}
	}

	var $components = array('Auth');


    function login()
    {
		echo "ffff";
        //Don't show the error message if no data has been submitted.
        $this->set('error', false);
        // If a user has submitted form data:
        if (!empty($this->data))
        {
			echo "你提交了";
            // First, let's see if there are any users in the database
            // with the username supplied by the user using the form:
            $someone = $this->User->findByUsername($this->data['User']['username']);
            // At this point, $someone is full of user data, or its empty.
            // Let's compare the form-submitted password with the one in
            // the database.
			echo "<br>".$someone['User']['pasword'];
			foreach ($this->data['User'] as $value) {

				echo "<br>gg".$value;
			}
			
            if(!empty($someone['User']['pasword']) && $someone['User']['pasword'] == $this->data['User']['password'])
            {
				echo "进入这里了？";
                // Note: hopefully your password in the DB is hashed,
                // so your comparison might look more like:
                // md5($this->data['User']['password']) == ...
                // This means they were the same. We can now build some basic
                // session information to remember this user as 'logged-in'.
                $this->Session->write('User', $someone['User']);
                // Now that we have them stored in a session, forward them on
                // to a landing page for the application.
				$this->Session->setFlash(__('Login succes', true));
                $this->redirect('/users/index');
            }
            // Else, they supplied incorrect data:
            else
            {
				echo "进入这里了？2";
                // Remember the $error var in the view? Let's set that to true:
                $this->set('error', true);
            }
        }else{
			echo "你没有提交";
		}
    }

 //所有的配置都将在Controller的beforeFilter函数中进行
function beforeFilter(){

    //指定username和password使用的数据库字段
    $this->Auth->fields = array('username' => 'username', 'password' => 'pasword');

    //指定用户登录表单地址
    $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');

    //指定验证通过后的转向地址
    //$this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'index');

    //指定退出登录的转向地址
    $this->Auth->logoutRedirect = '/';

    //指定验证失败的错误信息
    $this->Auth->loginError = 'Invalid e-mail / password combination.  Please try again';

    //指定是否自动重定向
    $this->Auth->autoRedirect = false;

    /*
    指定提供验证附加方法(isAuthorized)的途径
    这就指定Auth组件从控制器的isAuthorized方法中获取用户验证的额外信息
    控制器必须实现isAuthorized方法，该方法的示例在下面展示。
    */
    $this->Auth->authorize = 'controller';

    //指定Auth的CRUD动作映射到的方法
    $this->Auth->mapActions(array('read'=> array('display')));

    //指定不需要验证的方法，默认情况下，所有方法均需要验证
    $this->Auth->allow('add', 'view');

    //也可以使用通配符
    $this->Auth->allow('*');

}

/*
这个是isAuthorized方法的示例
*/
function isAuthorized() {
    if (isset($this->params[Configure::read('Routing.admin')])) {
        if ($this->Auth->user('admin') == 0) {
            return false;
        }
    }
    return true;
}

	function logout() {
		$this->redirect($this->Auth->logout());
	}

}
?>